An entity, such as large enterprise, might have written policies that govern the management of its computing resources. As one example, the enterprise might have written policies describing which sorts of applications are permitted to run on enterprise-owned servers that are accessible via the Internet. Unfortunately, such policies can be very difficult to enforce. As one example, it can be difficult for the enterprise to become aware of when a new server is brought online, and thus difficult to determine whether the new server is in compliance with applicable policies. As another example, it can likewise be difficult to know when an existing server makes available a service it did not previously offer, or makes available a service in a manner that is not consistent with the written policy. Improvements in techniques for monitoring computing systems are therefore desirable.